UICDS: Middleware for National Response and Information Management

1. Introduction • UICDS is the “middleware foundation” that enables National Response Framework (NRF) and National Information Management System (NIMS), including Incident Command Structure (ICS), information sharing and decision support among commercial and government incident management technologies used across the country to prevent, protect, respond, and recover from natural, technological, and terrorist events • The UICDS Architecture Specification that describes standards and data model for technology providers to adapt their products and share information • A pilot reference implementation that is a real-world, operational test environment and development kit for technology providers to use to adapt their products • A national outreach program to expand awareness of the role of technology in homeland security Chip Mahoney, P. E. Project Manager, Unified Incident Command and Decision Support (UICDS) Science Applications International Corporation (SAIC) UICDS Sponsor: Larry Skelly Department of Homeland Security Science & Technology Directorate, Infrastructure & Geophysical Division

2. What Is the Process That You and/or Your Company Use to Ensure That Your Product Meets the Needs of the End-user? • Derived from from nationally recognized policy-level documents • National Information Management System (NIMS) • National Response Framework (NRF) • Open, non-proprietary, standards-based design and interfaces • Identification of end-user needs and technology provider capabilities via a national outreach program • End user subject matter experts (internal and external) • Government (early focus on federal, transition to states and locals) • Technology providers (commercial off-the-shelf, government off-the-shelf, universities) • Evolutionary development with continual feedback into the system design and implementation • Software engineering process that results in: • Architecture -> demonstration -> pilot -> deployment • Early demonstration of system feasibility • Multiple opportunities for the end-user assessment • Multiple builds build on previous operational concept

3. What Are Some of the Challenges Associated With This Process? • Technical challenges • Large number of integrations (jurisdictions, sites, applications) • No single solution for information sharing – multiple networks and interfaces • Peer-to-peer coordination versus centralized command and control • Evolving technologies and standards and applications • Operational challenges • Information-sharing desires vary • Local capabilities, needs and constraints vary • Local investments in technology vary • Programmatic challenges • Local acceptance of a federally funded capability • Competing end-user feedback

4. And Does This Process Vary Depending on Whether the Customer/Client Is a Government Agency Versus a Commercial Company? • UICDS outreach focuses on both government organizations and technology providers • UICDS Technology Providers (commercial off-the-shelf and government off-the-shelf vendors, universities) via regular communications • Biweekly telecons (20 – 40 participants) with specific technical topics and coordination of upcoming events and opportunities • Regular emails (approximately 900 on the mailing list, approximately 240 active, approximately 90 DevKit users, 30 demo participants) • Government organizations (federal, state, tribal, local, non-government organizations) via meetings, briefings, demos and UICDS pilot participation • Federal (including Departments of Homeland Security, Justice, and Defense,and FEMA and Health and Human Services) • State/local (including UICDS pilot in Virginia, All Hazards Consortium) • NGOs (including power companies, universities, aid matrix) • Conferences and workshops provide a confluence of government and UICDS Technology Providers • Recent examples include UCore Users Group, NIEM/OASIS Conference, International Association of Emergency Managers (IAEM) Conference, Public Safety Innovation Center (PSIC), EMWS09 • www.UICDS.us provides an interactive platform for UICDS collaboration • Introductory materials • Document library • Demos • Discussions Acronyms are defined on page 8.

5. How Do You Validate or Assess the Efficacy of Your Technology? • UICDS efficacy is validated by: • Improvements in end-user information sharing and decision support capabilities in a standard fashion (one-to-many integration) • Within a jurisdiction/organization • Across jurisdictions/organizations • Number of participating technology providers and jurisdictions/organizations and how they interact • Specific quantitative metrics that describe interactions and help validate scalability • Incident frequency and duration • Information sharing numbers, update frequency, file size

6. Are There Industry Standards That Help Define How Well a Technology Must Perform in Order to Be Effective? If There Are No Standards, Should There Be? • Industry standards help facilitate interoperability. Examples include: • Policy level: NIMS/NRF • Information exchanges: NIEM, UCore • Domain-specific standards bodies: OASIS, OGC, LEITSC, IEEE, APCO, ASTM • Complexity of systems leads to the use of multiple standards • Overlap and gaps • How standards are implemented is a challenge • Buy/build: When to use existing standards and when to create a new standard? • System compliance to a standard - complete versus partial – what is enough? • Flexibility for ease of implementation versus “creative differences” • System-specific overhead information UICDS integrates across multiple standards (and across domains) Acronyms are defined on page 8.

7. Visit Us at www.UICDS.us UICDS Project Community Outreach Director James W. Morentz, Ph.D. (703) 589-3706 morentzj@saic.com DHS S&T Program Manager: Lawrence E. Skelly lawrence.skelly@dhs.gov DHS S&T Technical Lead: Nabil R. Adam, Ph.D. nabil.adam@dhs.gov DHS S&T Program Support: Tomi` Finkle tomi.finkle@associates.dhs.gov UICDS Project Project Manager Chip Mahoney (917) 574-7356 mahoneyc@saic.com

8. Acronyms • NIEM = National Information Exchange Model • NIMS = National Information Management System • NGO = Non-Government Organization • NRF = National Response Framework • OASIS = Organization for the Advancement or Structured Information Standards • OGC = Open Geospatial Consortium • PSIC = Public Safety Innovation Center • SAFECOM = a DHS communications program • SIOC = Strategic information and operations center • SME = Subject Matter Expert • SOAP = Simple Object Access Protocol • ST = Science and Technology • UICDS = Unified Incident Command and Decision Support • UCore = Universal • ULEX = Universal Lexical Exchange • VA = Virginia • APCO = Association of Public Safety Communications Officials • ASTM = American Society of Testing and Materials • CAP = Common Alerting Protocol • COTS = Commercial Off The Shelf • DHS = Department of Homeland Security • DOJ = Department of Justice • EDXL = Emergency Data Exchange Language • EDXL-DE = EDXL Distribution Element • EDXL-RM = EDXL Resource Messaging • EMWS09 = Workshop on Emergency Management: Incident, Resource, and Supply Chain Management • FEMA = Federal Emergency Management Agency • GOTS = Government Off The Shelf • GeoRSS = an emerging Web feed standard for encoding location • HHS = Health and Human Services • ICS = Incident Command System/Structure • IEEE = Institute of Electrical and Electronics Engineers • LEITSC = Law Enforcement Information Technology Standards Council • MACS = Multi-Agency Coordination System